[
https://issues.apache.org/jira/browse/HDDS-10889?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
ASF GitHub Bot updated HDDS-10889:
----------------------------------
Labels: pull-request-available (was: )
> Remove certificate revocation related code.
> -------------------------------------------
>
> Key: HDDS-10889
> URL: https://issues.apache.org/jira/browse/HDDS-10889
> Project: Apache Ozone
> Issue Type: Sub-task
> Reporter: István Fajth
> Assignee: István Fajth
> Priority: Major
> Labels: pull-request-available
>
> Certificate revocation code was never in use, and should not be solved this
> way, as discussed in the design for HDDS-7331, this approach we currently
> have is not feasible, as clients other than ours (where we can ensure a
> mechanism to distribute the CRL internally) will not be able to determine if
> a certificate is revoked or not.
> Also it is error prone to distribute the CRL this way, especially because the
> general SSL protocol defines the way how it should be done.
> This JIRA is to remove the related code from our codebase.
> Note: this is beneficial for the crypto compliance related work also, as it
> helps to get rid of some bouncycastle dependencies in the easier way instead
> of maintaining this piece of unused and to be deleted code.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@ozone.apache.org
For additional commands, e-mail: issues-h...@ozone.apache.org
